Skip to content

Instantly share code, notes, and snippets.

@arpit

arpit/http.md

Last active August 15, 2018 21:44
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save arpit/c5e0f48cf7b41c277245dcf9134bb5b5 to your computer and use it in GitHub Desktop.
Save arpit/c5e0f48cf7b41c277245dcf9134bb5b5 to your computer and use it in GitHub Desktop.
Download ZIP
HTTP basics
Raw
http.md

Basic HTTP

The Client Server Model

The core working of the internet is based on the idea of client / server communication. The client is anything close to the user (a web browser, an app, a terminal with ssh) and a server that can respond to client queries.

Clients can talk to servers via a variety of protocols. The protocols are just a way for the client and server to agree on how to send data back and forth. Its like you and I talking. We can agree that we use English and with a friend of mine I can use Hindi.

Different Client / Server protocols include:

  • HTTP
  • FTP
  • SSH
  • WebSockets

HTTP Basics

Read this

  • What are HTTP headers?
  • What is the difference between a request and a response header?
  • What are HTTP methods? (Get, put, post delete)
  • What does content-type header do?
  • What does Accepts do?

What is an API ?

The server can either respond with html (giving a specific view representing the data) or with just raw data (JSON or XML) and leave the actual view to the client.

In the modern world, APIs are becoming more useful because we have so many different kinds of clients (web browsers, apps, etc)

Passing data to the API

You can pass data to the API via the same mechanisms as passing data to a server. This includes:

Passing Query String data

http://mysite.com/api/?book_id=1&chapter_id=1

Anything after the ? in the URL is considered querystring data and can be understood by the server. You send the data in pairs and break the pairs with the & symbol.

This is only used for GET and PUT requests. There is a limit to how much data you can send in query string (though the RFC doesn't mention that). Thats because when you add query string data, the URL keeps growing and different browsers have limits on that max length.

You should never be sending a lot of data via query strings. If you are trying to send a lot of data that means you are creating data not really "filtering by a parameter" so you should be using POST and POST data

[chatscript_start]

How would you pass the zipcode and city as parameters to an API ?

[chatscript_end]

Pass Data in POST data

If you are using HTTP POST, you can use the POST data field to make the request.

See here

Authentication in APIs

How do you secure an API to allow only certain clients have access to it? You can use simple authentication mechanisms built into HTTP

For example Basic Auth where you can send an encrypted version of username and password in the Authorization HTTP header)

Never trust a client machine, so this method is kinda unfavorable. Using

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment